Hornerautomation

Cscape Envisionrv

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-32203

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 17:15:15
  • Zuletzt bearbeitet 21.11.2024 08:02:53

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary...

7.8

CVE-2023-31244

  • EPSS 0.04%
  • Veröffentlicht 06.06.2023 17:15:14
  • Zuletzt bearbeitet 21.11.2024 08:01:41

The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer. ...

7.8

CVE-2023-31278

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 17:15:14
  • Zuletzt bearbeitet 21.11.2024 08:01:43

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the contex...

7.8

CVE-2023-27916

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 17:15:13
  • Zuletzt bearbeitet 21.11.2024 07:53:41

The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code i...

7.8

CVE-2023-28653

  • EPSS 0.05%
  • Veröffentlicht 06.06.2023 17:15:13
  • Zuletzt bearbeitet 21.11.2024 07:55:44

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code...

7.8

CVE-2023-29503

  • EPSS 0.05%
  • Veröffentlicht 06.06.2023 17:15:13
  • Zuletzt bearbeitet 21.11.2024 07:57:11

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the con...

7.8

CVE-2023-32289

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:03:02

The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in ...

7.8

CVE-2023-32539

  • EPSS 0.04%
  • Veröffentlicht 06.06.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:03:33

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execu...

7.8

CVE-2023-32281

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 16:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:02

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary co...

7.8

CVE-2023-32545

  • EPSS 0.06%
  • Veröffentlicht 06.06.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:34

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute ...